package com.bdk.middle.management.web;


import com.bdk.middle.common.domain.PageDO;
import com.bdk.middle.common.result.ResultDO;
import com.bdk.middle.common.result.web.ObjectResponse;
import com.bdk.middle.common.status.ErrorCode;
import com.bdk.middle.management.api.domain.MenuDO;
import com.bdk.middle.management.api.domain.PermissionDO;
import com.bdk.middle.management.api.domain.PermissionDO2;
import com.bdk.middle.management.api.query.PermissionAssignQueryDO;
import com.bdk.middle.management.api.query.PermissionQueryDO;
import com.bdk.middle.management.api.query.RoleQueryDO;
import com.bdk.middle.management.service.PermissionService;
import com.bdk.middle.management.service.RoleService;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.Set;

/**
 * <p>
 * 权限 前端控制器
 * </p>
 *
 * @author Reagan
 * @since 2021-01-23
 */
@RestController
@RequestMapping("/permission")
public class Permission2Controller {

    @Autowired
    private PermissionService permissionService;

    @Autowired
    private RoleService roleService;

    @RequestMapping(value="/add.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody
    ObjectResponse add(@RequestBody PermissionDO domain) {

        ObjectResponse response = new ObjectResponse();
        //校验参数
        if(domain.getName()==null|| StringUtils.isEmpty(domain.getName())){
            response.setStatus(ErrorCode.SYSTEM_INCORRECT_PARAM.getCode());
            response.setMsg(ErrorCode.SYSTEM_INCORRECT_PARAM.getMsg()+",权限名称不能为空");
            return response;
        }
        if(domain.getCode()==null||StringUtils.isEmpty(domain.getCode())){
            response.setStatus(ErrorCode.SYSTEM_INCORRECT_PARAM.getCode());
            response.setMsg(ErrorCode.SYSTEM_INCORRECT_PARAM.getMsg()+",权限code不能为空");
            return response;
        }
        ResultDO result = permissionService.add(domain);

        if(!result.isSuccess()) {
            response.setStatus(result.getErrorCode().getCode());
            response.setMsg(result.getErrorCode().getMsg());
        }

        return response;
    }

    @RequestMapping(value="/edit.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody ObjectResponse edit(@RequestBody PermissionDO domain) {

        ObjectResponse response = new ObjectResponse();
        if(domain.getId()==null){
            response.setStatus(ErrorCode.SYSTEM_INCORRECT_PARAM.getCode());
            response.setMsg(ErrorCode.SYSTEM_INCORRECT_PARAM.getMsg()+",缺少权限id");
            return response;
        }
        ResultDO result = permissionService.edit(domain);

        if(!result.isSuccess()) {
            response.setStatus(result.getErrorCode().getCode());
            response.setMsg(result.getErrorCode().getMsg());
        }
        return response;
    }


    @RequestMapping(value="/delete.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody ObjectResponse delete(@RequestBody PermissionDO domain) {

        ObjectResponse response = new ObjectResponse();

        ResultDO result = permissionService.remove(domain.getId(), null);

        if(!result.isSuccess()) {
            response.setStatus(result.getErrorCode().getCode());
            response.setMsg(result.getErrorCode().getMsg());
        }
        return response;
    }

    @RequestMapping(value="/detail.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody ObjectResponse detail(@RequestBody PermissionDO domain) {

        ObjectResponse<PermissionDO> response = new ObjectResponse();

        ResultDO result = permissionService.get(domain.getId());

        if(!result.isSuccess()) {
            response.setStatus(result.getErrorCode().getCode());
            response.setMsg(result.getErrorCode().getMsg());
        } else {
            response.setData((PermissionDO) result.getModel(ResultDO.FIRST_MODEL_KEY));
        }
        return response;
    }

    /**
     * 返回用户权限列表
     * @return
     */
    @RequestMapping(value="/list.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody ObjectResponse list() {

        ObjectResponse response = new ObjectResponse();
        //当前用户
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        String username = authentication.getName();
        //系统用户角色id集
        ResultDO result=roleService.getRoleIdsByUsername(username);
        if(!result.isSuccess()) {
            response.setStatus(result.getErrorCode().getCode());
            response.setMsg(result.getErrorCode().getMsg());
        }else {

        }
        Set<String> roleIds=(Set<String>)result.getModel(ResultDO.FIRST_MODEL_KEY);
        //返回角色相应的权限
        List<PermissionDO2> permissions=null;
        for(String roleId:roleIds){
            permissions= permissionService.getPermissionByRoleId(roleId);
        }
        response.setData(permissions);
        return response;
    }

    /**
     * 角色权限分配,单个权限分配
     * @param domain
     * @return
     */
    @RequestMapping(value="/assign.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody ObjectResponse assign(@RequestBody PermissionAssignQueryDO domain) {

        ObjectResponse response = new ObjectResponse();

        ResultDO result = roleService.assignPermission(domain);

        if(!result.isSuccess()) {
            response.setStatus(result.getErrorCode().getCode());
            response.setMsg(result.getErrorCode().getMsg());
        }
        return response;
    }


    /**
     * 根据角色id查询相应权限
     * @param domain
     * @return
     */
    @RequestMapping(value="/listByRoleId.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody ObjectResponse getRolePermissionByRole(@RequestBody RoleQueryDO domain) {

        ObjectResponse response = new ObjectResponse();
        String roleId=domain.getId();
        if(roleId==null || StringUtils.isEmpty(roleId)){
            response.setStatus(ErrorCode.SYSTEM_INCORRECT_PARAM.getCode());
            response.setMsg(ErrorCode.SYSTEM_INCORRECT_PARAM.getMsg());
        }
        List<PermissionDO2> permissions = permissionService.getPermissionByRoleId(roleId);

        response.setData(permissions);
        return response;
    }

    /**
     * 角色分配权限,多个权限分配
     * 多个权限id通过逗号分隔
     */
    @RequestMapping(value="/multi_assign.html", method = RequestMethod.POST)
    @PreAuthorize("hasRole('ROLE_superadmin')")
    public @ResponseBody ObjectResponse multiAssign(@RequestBody PermissionAssignQueryDO domain) {

        ObjectResponse response = new ObjectResponse();

        ResultDO result = roleService.assignMultiPermission(domain);

        if(!result.isSuccess()) {
            response.setStatus(result.getErrorCode().getCode());
            response.setMsg(result.getErrorCode().getMsg());
        }
        return response;
    }
}

